Encryption Plus Hard Disk encrypts entire hard disks or selected partitions. Encryption of the OS files is optional. It also offers pre-boot authentication whether or not the operating system files are encrypted.
This effectively prevents unauthorized use of the computer. Supported operating systems include Windows NT/2000/ XP. A version is available that is certified against the Common Criteria at Evaluation Assurance Level 1.
A username and password must be entered before access is granted to encrypted drives and partitions that may be available to that user. This login is required before the Windows login screen appears and it is optional to enable single sign-on, which automatically completes the Windows login using the users Windows credentials (which Encryption Plus stores in an encrypted file). Any file created or placed on an encrypted drive is automatically encrypted.
The administrator can optionally prevent a user from permanently decrypting drives that have been encrypted. Only local hard disks can be encrypted - not network drives.
Key recovery is provided in three ways. A hierarchy of users and 'corporate' and 'local' administrators means that administrators can access all user files encrypted by lower-level users. Secondly, the helpdesk can generate one-time passwords based on a challenge-response system. Finally, there is AuthentiCheck, which is very popular with users and helpdesks alike because it automates password recovery by enabling the user to define three questions and answers, which can be quite long and complicated if desired. When a user forgets his password, he is asked these three questions by the computer and must answer them exactly as he pre-defined them to recover it.
Encryption Plus Hard Disk is easy to deploy, as the administrator can create install disks, which may be distributed to users so they can install the administrator's pre-defined configuration.
Passwords can be up to 24 characters and strong password policies can be enforced. Although the bulk data encryption is based on the 256-bit AES secret-key algorithm, Encryption Plus also uses RSA public-key technology to encrypt the AES encryption key using the username and password.
Good automated secure password-recovery minimizes helpdesk load.
Does not encrypt files for transmission by email, on removable media, or stored on network drives
A good pre-boot authentication and disk encryption program with all the administration, deployment, and recovery features demanded by enterprise customers.